<?php

  $fname = mysql_real_escape_string($_GET['fname']);
  $mname = mysql_real_escape_string($_GET['mname']);
  $lname = mysql_real_escape_string($_GET['lname']);
  $address = mysql_real_escape_string($_GET['address']);
  $country = mysql_real_escape_string($_GET['country']);
  $state = mysql_real_escape_string($_GET['state']);
  $nationality = mysql_real_escape_string($_GET['nationality']);
  $tel = mysql_real_escape_string($_GET['tel']);
  $mobile = mysql_real_escape_string($_GET['mobile']);
  $email = mysql_real_escape_string($_GET['email']);
  $dob = mysql_real_escape_string($_GET['dob']);
  $gender = mysql_real_escape_string($_GET['gender']);
  $marital = mysql_real_escape_string($_GET['marital']);
  $military = mysql_real_escape_string($_GET['military']);
  $uniDegree = mysql_real_escape_string($_GET['uniDegree']);
  $uni = mysql_real_escape_string($_GET['uni']);
  $faculty = mysql_real_escape_string($_GET['faculty']);
  $department = mysql_real_escape_string($_GET['department']);
  $grade = mysql_real_escape_string($_GET['grade']);
  $gYear = mysql_real_escape_string($_GET['gYear']);
  $appJob = mysql_real_escape_string($_GET['appJob']);
  $gProject = mysql_real_escape_string($_GET['gProject']);
  $jObjectives = mysql_real_escape_string($_GET['jObjectives']);
  $jField = mysql_real_escape_string($_GET['jField']);
  $tEmployer1 = mysql_real_escape_string($_GET['tEmployer1']);
  $tFrom1 = mysql_real_escape_string($_GET['tFrom1']);
  $tTo1 = mysql_real_escape_string($_GET['tTo1']);
  $tProject1 = mysql_real_escape_string($_GET['tProject1']);
  $tEmployer2 = mysql_real_escape_string($_GET['tEmployer2']);
  $tFrom2 = mysql_real_escape_string($_GET['tFrom2']);
  $tTo2 = mysql_real_escape_string($_GET['tTo2']);
  $tProject2 = mysql_real_escape_string($_GET['tProject2']);
  $tEmployer3 = mysql_real_escape_string($_GET['tEmployer3']);
  $tFrom3 = mysql_real_escape_string($_GET['tFrom3']);
  $tTo3 = mysql_real_escape_string($_GET['tTo3']);
  $tProject3 = mysql_real_escape_string($_GET['tProject3']);
  $eEmployer1 = mysql_real_escape_string($_GET['eEmployer1']);
  $eFrom1 = mysql_real_escape_string($_GET['eFrom1']);
  $eTo1 = mysql_real_escape_string($_GET['eTo1']);
  $eProject1 = mysql_real_escape_string($_GET['eProject1']);
  $eEmployer2 = mysql_real_escape_string($_GET['eEmployer2']);
  $eFrom2 = mysql_real_escape_string($_GET['eFrom2']);
  $eTo2 = mysql_real_escape_string($_GET['eTo2']);
  $eProject2 = mysql_real_escape_string($_GET['eProject2']);
  $eEmployer3 = mysql_real_escape_string($_GET['eEmployer3']);
  $eFrom3 = mysql_real_escape_string($_GET['eFrom3']);
  $eTo3 = mysql_real_escape_string($_GET['eTo3']);
  $eProject3 = mysql_real_escape_string($_GET['eProject3']);
  $cCourse = mysql_real_escape_string($_GET['cCourse']);
  $sComputer = mysql_real_escape_string($_GET['sComputer']);
  $sLanguage = mysql_real_escape_string($_GET['sLanguage']);
  $sPersonal = mysql_real_escape_string($_GET['sPersonal']);
  $references = mysql_real_escape_string($_GET['references']);

  $con = mysqli_connect('localhost', 'root', '', 'hrsys');
  if (!$con)
    {
    die('Could not connect: ' . mysql_error());
    }

  $sql = "INSERT INTO `hrsys`.`cvs` 
          (`fname`, `mname`, `lname`, `address`, `country`, `state`, `tel`, `mobile`, `email`,
            `dob`, 
            `nationality`, `gender`, `marital`, `military`, `degree`, `university`, `faculty`,
            `department`, `grad_project`, `grade`, `grad_year`, `app_job`, `job_objective`, `job_field`,
            `t_employer1`, `t_from1`, `t_to1`, `t_project1`, `t_employer2`, `t_from2`,
            `t_to2`, `t_project2`,`t_employer3`, `t_from3`, `t_to3`, `t_project3`,`e_employer1`,
            `e_from1`, `e_to1`, `e_job1`, `e_employer2`, `e_from2`, `e_to2`, `e_job2`,
            `e_employer3`,`e_from3`, `e_to3`, `e_job3`,`courses`, `comp_skill`, 
            `lang_skill`, `person_skill`, `ref`, `createdat`, `updatedat`
          )
          VALUES 
          ('$fname','$mname', '$lname', '$address', '$country', '$state', '$tel', '$mobile',
           '$email', DATE_FORMAT(DATE('$dob'), '%Y-%m-%d'),
           '$nationality', '$gender', '$marital', '$military', '$uniDegree', '$uni',
           '$faculty', '$department', '$gProject', '$grade', $gYear,'$appJob' , '$jObjectives',
           '$jField', '$tEmployer1', '$tFrom1', '$tTo1', '$tProject1', '$tEmployer2', 
           '$tFrom2', '$tTo2', '$tProject2', '$tEmployer3', '$tFrom3', '$tTo3', '$tProject3',
           '$eEmployer1', '$eFrom1', '$eTo1', '$eProject1', '$eEmployer2', '$eFrom2', '$eTo2', 
           '$eProject2', '$eEmployer3', '$eFrom3', '$eTo3', '$eProject3', '$cCourse', 
           '$sComputer', '$sLanguage', '$sPersonal', '$references', 
           DATE_FORMAT(SYSDATE(), '%Y-%m-%d %H:%i:%S'), 
           DATE_FORMAT(SYSDATE(), '%Y-%m-%d %H:%i:%S')
          );";

  if( mysqli_query($con,$sql) )
  {
    echo '<div class="alert alert-success">';
    echo 'Cv stored successfully';
    echo '</div>';
    $myFile = "user_login.xml";
    $fh = fopen('log/' . $myFile, 'a') or die("can't open file");
    $stringData = date("d-m-Y H:i:s") . ' : ' ;
    fwrite($fh, $stringData);
    $stringData = 'Added new cv ' . PHP_EOL;
    fwrite($fh, $stringData);
    fclose($fh);
  }
  else
  {
    echo '<div class="alert alert-error">';
    echo 'Sorry, Error occured try again!';
    echo '</div>';
    $myFile = "errors_log.txt";
    $fh = fopen('log/' . $myFile, 'a') or die("can't open file");
    $stringData = date("d-m-Y H:i:s") . ' : ' ;
    fwrite($fh, $stringData);
    $stringData = 'getAddCv.php:' . $con->error . PHP_EOL;
    fwrite($fh, $stringData);
    fclose($fh);
  }
  mysqli_close($con);

?>